Feature Suggestions

Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.

Please write in English so that voters from all over the world can read and support your request.

For technical assistance, contact Plesk support
For questions, bug reports, discussions and free assistance, check our Forum and Facebook page
For additional information, see Documentation, Knowledge Base and Blog
Follow us on Twitter for more news on Plesk development

Off-topic posts will be removed from here

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. To make it easier to configure DKIM, SPF, and DMARC Protection are automate the process

    The guidelines about how to enable DKIM, SPF, and DMARC Protection are difficult to read and understand how to implement. It would be easier to automate this process. Especially because those are very important for mail and web safety.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. I need TTF (True Type Font) support for use with/in a PHP Captcha class.

    There are different kind of Security steps we have to take in use for the user interaction. CAPTCHA is the main item in this respect when we provide users with front end data input(via any form) and in some cases all forms do not support Google Re-Captcha, then we have to use custom PHP Captcha class to complete the security steps of user submitted data within a form.

    For most of the character based Captcha, they mostly used TTF font (True Type Font).

    So, Please add support for TTF Fonts with Plesk.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. Disable "Show password" buttons

    An option to disable "show password" buttons would be a nice addition to the security policy.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. In banned IP of (Fail2Ban) add the name of subscription have the infection

    In banned IP of (Fail2Ban) add the name of subscription have the infection

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Require domain TXT record verification before adding domain to Plesk.

    Require domain TXT record verification before adding domain to Plesk.

    Plesk need to implement an option to require domains to be verified like for example Let's Encrypt with a TXT record with a key value, that Plesk can check on an admin specified interval like 5 mins perhaps, with a self-cleaning feature that removes un-verified domains after X days.

    So as Plesk administrator you can activate the domain verification option on subscription level, that requires the customers to verify their domain, when using the function "add domain".

    So "add domain" should have an initial state of "awaiting verification" before it…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. Disable/Enable access to plesk web interface

    I want stop plesk web interface without side effects for the services. I only mean the access as client in the browser. I'm thinking about disabling the web interface via the shell to avoid the many login attempts, to increase security and if you need the web interface yourself, you can temporarily enable it via the shell.

    or

    Here is already a feature "Restricting Administrative Access" per ip address. https://docs.plesk.com/en-US/obsidian/administrator-guide/plesk-administration/securing-plesk/restricting-administrative-access.59465/ Nice, but most of us have a dynamic ip address. So it would be nice if you could set the allowed IP(s) via the shell and delete old invalid IPs…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. Secure webmail with SSL automatically if it exists on example.com

    Please provide a possibility to secure webmail automatically if webmail.example.com exists in Plesk.

    This can be done by auto-selecting "Secure webmail on this domain" during a certificate creation for example.com.

    As it currently stands, end users get confused by the feature.

    The more Plesk can simplify this process for end-users, the less support will be required for my customers.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. In domain logs allow select all function in order to copy to firewall rules

    This feature requests comes from having to manually copy and paste bad IP's from the domain log files. It would be a request that when you carried out a search for say POST /xmlrpc.php HTTP/1.0 or GET /wp-login.php HTTP/1.0 from brute force hacking or malware bots you can easily just select all, then paste this over to the block list in the Firewall rules.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. independent passwords for database and user interface

    To allow Plesk to have an independent admin user password for database, which won't be the same as the graphical user interface.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. Centralized SSL Certificate Support

    I would like if you guys can add Centralized SSL Certificate Support in Plesk GUI, it would be easy to manage,
    as I had added a UNC path (\172.16.0.11\shared-certificates) in my Plesk via command line but now I cannot switch back to local path (C:\shared-certificates) as it was configured with UNC path & if I add a local path via command line, it says that the UNC path is not available even though I am using local path.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. pin

    I think a call in pin would be nice. Something that the user can change, but it is kept hidden unless they are logged in and click on it to see it. This will allow for end users to request help securely.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. Create security.txt

    Help admins and customers to create a security.txt file when creating a site in Plesk Panel, see https://securitytxt.org/
    No details yet.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. mac authenitcation support

    Hi there,

    i have the 2 step authentication active on plesk login but it only provide support for google authenticator. and plesk is the only website i have in google authenticator so i have to keep the app just for plesk. Please add support for apple also where we can setup 2step authentication with setup key in keychain passwords or any other app easily with relying on google. thanks

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. Implement logic for DDOS protected domains

    As a hosting company we should have an option to give customers ddos protection.

    The only implementation that works great is taking a domain, secure it with ddos protection service and generate customers a subdomain under this domain.

    Lets say, example.com is protected under ddos protection software.
    A customer clicks on "add domain" and if we blocked the option to add any domains, there will be only generated a subdomain under example.com, EG: website1223153.example.com

    This subdomain would be protected by a ddos protection service.
    The customer can create a CNAME to website1223153.example.com in order to connect his domain to the…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. Make Plesk Firewall add/change rules incrementally without restarting the whole service

    Make Plesk Firewall add/change rules incrementally without restarting the whole service.

    Now Plesk firewall reloads all rules in iptables when rules are changed in firewall (all rules are added anew). If there is a long list of blacklisted IPs or server is under a brute-force attack and there are a lot of IPs blocked by the Fail2Ban, adding/changing any rule via Plesk Firewall will cause server restart that is taking a lot of time due to a large number of blocked IPs.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. NS in the firewall

    About the firewall, access can currently be allowed from manually added IP addresses. I think it would be a good idea to be able to add nameservers to allow FTP and SSH access from places where the IP changes periodically.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. Add a possibility to enable debug for iptables using Kernel TRACE

    It would be great to have an ability to enable dubugging as describe here: https://serverfault.com/questions/122157/debugger-for-iptables/126079#126079 using Plesk Firewall

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. Create option to allo Plesk login via CLI only

    Allow customers to set Plesk login so that it only accepts the CLI-generated secret key and will not take in credentials. This will essentially work as a 2FA enforcement as only admins with SSH access will be able to log into Plesk, thus reducing the exposure to brute force attacks.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  19. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. Disk encryption

    Disk level encryption.
    Similar to what AWS offers with RDS.
    Encryption at rest for the entire server rather than doing it column by column manually.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  • Don't see your idea?

Feedback and Knowledge Base